Skip to content
This repository was archived by the owner on Sep 8, 2025. It is now read-only.

Commit 870292e

Browse files
shaneuttshaneutt
committed
chore: update the rcgen dev dependency for the API server
This needed to be done manually due to breaking changes that occurred in v0.13.0: https://github.com/rustls/rcgen/releases/tag/v0.13.0 Signed-off-by: Shane Utt <[email protected]>
1 parent 68b585c commit 870292e

File tree

3 files changed

+33
-166
lines changed

3 files changed

+33
-166
lines changed

Cargo.lock

Lines changed: 13 additions & 146 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

dataplane/api-server/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,4 +31,4 @@ tonic-build = { workspace = true }
3131

3232
[dev-dependencies]
3333
tempfile = "3.14.0"
34-
rcgen = "0.9.3"
34+
rcgen = "0.13.2"

dataplane/api-server/tests/test_setup_tls.rs

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
use anyhow::Result;
22
use api_server::config::{MutualTLSConfig, ServerOnlyTLSConfig, TLSConfig};
33
use api_server::setup_tls;
4-
use rcgen::{generate_simple_self_signed, Certificate, CertificateParams};
4+
use rcgen::{generate_simple_self_signed, CertificateParams, CertifiedKey};
55
use std::fs;
66
use tempfile::tempdir;
77
use tonic::transport::Server;
@@ -12,9 +12,9 @@ async fn test_tls_self_signed_cert() -> Result<()> {
1212
let temp_dir = tempdir().unwrap();
1313

1414
// Generate self-signed certificate
15-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
16-
let cert_pem = cert.serialize_pem()?;
17-
let key_pem = cert.serialize_private_key_pem();
15+
let CertifiedKey { cert, key_pair } = generate_simple_self_signed(vec!["localhost".into()])?;
16+
let cert_pem = cert.pem();
17+
let key_pem = key_pair.serialize_pem();
1818

1919
// Paths for the server cert and private key
2020
let cert_path = temp_dir.path().join("server.crt");
@@ -46,8 +46,8 @@ async fn test_tls_missing_cert() -> Result<()> {
4646
let temp_dir = tempdir().unwrap();
4747

4848
// Generate private key but skip certificate generation
49-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
50-
let key_pem = cert.serialize_private_key_pem();
49+
let CertifiedKey { cert: _, key_pair } = generate_simple_self_signed(vec!["localhost".into()])?;
50+
let key_pem = key_pair.serialize_pem();
5151

5252
// Only write the key file, omit the certificate
5353
let missing_cert_path = temp_dir.path().join("missing_server.crt");
@@ -76,8 +76,8 @@ async fn test_tls_missing_key() -> Result<()> {
7676
let temp_dir = tempdir().unwrap();
7777

7878
// Generate certificate but skip private key generation
79-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
80-
let cert_pem = cert.serialize_pem()?;
79+
let CertifiedKey { cert, key_pair: _ } = generate_simple_self_signed(vec!["localhost".into()])?;
80+
let cert_pem = cert.pem();
8181

8282
// Only write the certificate file, omit the private key
8383
let cert_path = temp_dir.path().join("server.crt");
@@ -107,14 +107,14 @@ async fn test_mtls_self_signed_cert() -> Result<()> {
107107
let temp_dir = tempdir().unwrap();
108108

109109
// Generate self-signed certificate
110-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
111-
let cert_pem = cert.serialize_pem()?;
112-
let key_pem = cert.serialize_private_key_pem();
110+
let CertifiedKey { cert, key_pair } = generate_simple_self_signed(vec!["localhost".into()])?;
111+
let cert_pem = cert.pem();
112+
let key_pem = key_pair.serialize_pem();
113113

114114
// Generate CA
115115
let ca_params = CertificateParams::default();
116-
let ca_cert = Certificate::from_params(ca_params)?;
117-
let ca_cert_pem = ca_cert.serialize_pem()?;
116+
let ca_cert = ca_params.self_signed(&key_pair)?;
117+
let ca_cert_pem = ca_cert.pem();
118118

119119
// Cert file paths
120120
let cert_path = temp_dir.path().join("server.crt");
@@ -150,9 +150,9 @@ async fn test_mtls_invalid_ca_cert() -> Result<()> {
150150
let temp_dir = tempdir().unwrap();
151151

152152
// Generate server cert and key
153-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
154-
let cert_pem = cert.serialize_pem()?;
155-
let key_pem = cert.serialize_private_key_pem();
153+
let CertifiedKey { cert, key_pair } = generate_simple_self_signed(vec!["localhost".into()])?;
154+
let cert_pem = cert.pem();
155+
let key_pem = key_pair.serialize_pem();
156156

157157
// Write valid server cert and key
158158
let cert_path = temp_dir.path().join("server.crt");
@@ -186,9 +186,9 @@ async fn test_mtls_missing_ca_cert() -> Result<()> {
186186
let temp_dir = tempdir().unwrap();
187187

188188
// Generate server cert and key
189-
let cert = generate_simple_self_signed(vec!["localhost".into()])?;
190-
let cert_pem = cert.serialize_pem()?;
191-
let key_pem = cert.serialize_private_key_pem();
189+
let CertifiedKey { cert, key_pair } = generate_simple_self_signed(vec!["localhost".into()])?;
190+
let cert_pem = cert.pem();
191+
let key_pem = key_pair.serialize_pem();
192192

193193
// Write valid server cert and key
194194
let cert_path = temp_dir.path().join("server.crt");

0 commit comments

Comments
 (0)